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Validating Keying Material By Using A Validation Area Of Read- 
only Media To Prevent Playback Of Unauthorized Copies Of 
Content Stored On The Media 

copyright notice 

[0001] A portion of the disclosure of this patent document contains 
material which is subject to copyright protection. The copyright owner has no 
objection to the facsimile reproduction by anyone of the patent document or the 
patent disclosure as it appears in the Patent and Trademark Office patent file or 
records, but otherwise reserves all copyright rights whatsoever. 

FIELD OF THE INVENTION 

[0002] This invention relates to static and dynamic information storage and 
retrieval. More particularly, this invention relates to methods, apparatus and 
systems for the protection of stored information from unauthorized copying. 

BACKGROUND OF THE INVENTION 

[0003] Information or content may be stored on a wide variety of media. 
As the speed and convenience of accessing and copying stored information have 
increased, the threat of unauthorized copying of the information has increased 
correspondingly. Various schemes have been employed to protect content 
stored on read-only media from unauthorized access by storing various types of 
data in different regions of the medium. 

[0004] One such scheme can be illustrated in a medium such as a DVD- 
ROM (Digital Versatile Disc - Read Only Media), as illustrated in FIG. 1A. The 
medium 100 comprises a Data Area 102 and a Lead-in Area 104 (hereinafter 
referred to as a Non- Data Area 104). As further illustrated in FIG. 1B, the Data 
Area 102 comprises encrypted content 1 12 (or scrambled content in the case of 
DVD-Video content protected by the Content Scramble System (CSS)). 

[0005] On a DVD-ROM disc that contains DVD-Audio content protected by 
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CPPM, for example, the Control Data Area 110 (CDA 110) stores Keying 
Material 114 called an Album Identifier (and/or possibly Secure Disk Key Data in 
the case of DVD-Video content protected by the Content Scramble System). The 
Album Identifier is an 8-byte (64-bit) value that is randomly and individually 
assigned to each album to be protected. The cryptographic key needed to 
decrypt Encrypted Content 112 that is stored on the Data Area 102 of the 
medium is dependent on the Album Identifier value. Thus, if the Album Identifier 
is incorrectly copied to recordable media, for example, the incorrect Album I.D. 
will cause a player to form an incorrect cryptographic key, thus preventing the 
recordable medium from being played in a compliant manner. 

[0006] For such content protection to be effective, it is ideal that 
recordable media be designed to prevent the sector that contains the Keying 
Material 1 14 (e.g., Album Identifier that is stored in Control Data Area 1 1 0, 
Sector #2 or CDA 1 1 0 Sector #2 in the case of a DVD-ROM) from being written 
such that the Keying Material 1 14 cannot be copied. However, some forms of 
recordable media, such as DVD-R (Digital Video Disc - Recordable) and DVD- 
RW (Digital Video Disc - ReWriteable), which have sectors/layout similar to the 
DVD-ROM layout depicted in FIGS. 1A and 1B, may contain writeable sector 
addresses which allow one to record Keying Material 1 14 in the Data Area 102 
and assign it the address of the sector containing the Keying Material 114, such 
that a player may not be able to distinguish it from legitimate Keying Material 
114. Of course, it is also possible that other media (such as non-compliant DVD- 
Rs and DVD-RWs) may allow the sector that contains the Keying Material 1 14 to 
be directly written. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

[0007] The present invention is illustrated by way of example, and not by 
way of limitation, in the figures of the accompanying drawings and in which like 
reference numerals refer to similar elements and in which: 

[0008] FIG. 1 A depicts a first view of a medium, such as a DVD (Digital 
Versatile Disc). 

[0009] FIG. 1 B depicts an alternative view of the medium shown in FIG. 
1A. 

[0010] FIG. 2 is a flowchart illustrating a method in general embodiments 
of the invention. 

[0011] FIG. 3 is a flowchart illustrating an alternative method in 
embodiments of the invention. 

[0012] FIG. 4 depicts a layout of a BCA validated medium in accordance 
with embodiments of the invention. 

[0013] FIG. 5 is a conceptual diagram illustrating a system in accordance 
with embodiments of the invention. 
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DETAILED DESCRIPTION OF THE INVENTION 

[0014] In one aspect of the invention, a method for validating Keying 
Material stored on read-only media, such as a DVD-ROM, by using a Validation 
Area (VA) region of a medium to validate the authenticity of the Keying Material 
to prevent the playback of unauthorized copies of content prerecorded on read- 
only media, is disclosed. 

[0015] Keying Material as well as Validation Data used for validating the 
authenticity of the Keying Material are stored on read-only media. In one 
embodiment, a Validated Medium (i.e., a medium that comprises and uses a 
Validation Area to validate Keying Material, to be discussed), comprises Keying 
Material that may be directly written to the Validation Area of the medium. In this 
embodiment, Validation Data comprises the Keying Material itself. 

[0016] In one alternative embodiment, a Validated Medium comprises 
Keying Material that may be written to a non-Validation Area (non-VA region) of 
the medium, and Validation Data related to that Keying Material is created and 
written to the Validation Area (VA region) of the medium. 

[0017] In one variation of this alternative embodiment, Keying Material is 
written to a non-VA of the medium, and Validation Data comprises a copy of the 
Keying Material that is written to the VA region of the medium. In another 
variation, Keying Material is written to a non-VA of the medium, and Validation 
Data comprises a function of the Keying Material that is written to the VA region 
of the medium. 

[0018] In embodiments of the invention, a device for playing Validated 
Media is called a compliant device (hereinafter referred to as "compliant device" 
or simply "device", where a device that is non-compliant will be referred to as a 
"non-compliant device"). 

[0019] In one embodiment, a Validated Medium comprises Keying Material 
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directly written to the VA region of the medium, where the Validation Data 
comprises the Keying Material, and a compliant device validates the Keying 
Material without finding correspondence between the Keying Material and the 
Validation Data by virtue of the Keying Material being in the VA region of the 
medium. Newer media may comprise Keying Material that is directly written to 
the VA region of the media, and would rely on compliant devices for payability. 

[0020] In an alternative embodiment, a Validated Medium comprises 
Keying Material on a non-VA region of the medium, and Validation Data related 
to the Keying Material on the VA region of the medium, and a compliant device 
may validate the Keying Material without finding correspondence, or, 
alternatively, by finding correspondence between the Keying Material and the 
Validation Data as a prerequisite to validation. To preserve compatibility with 
non-compliant devices (which do not look for Validation Data in the VA region of 
media), newer media may comprise Keying Material 1 14 that is written to a non- 
VA region of a medium (where a non-compliant device would expect to find 
Keying Material 1 14, and where a compliant device would look for Keying 
Material 1 14 to validate), and write Validation Data to a VA region of a medium 
(where a compliant device would expect to find data for validating the Keying 
Material 1 14 that is in the non-VA region). 

[0021] In summary, a compliant device may validate the authenticity of 
Keying Material in a Validated Medium without checking correspondence where 
the Keying Material is written to the VA region of the medium, such that the 
Validation Data comprises the Keying Material itself. It is also contemplated that 
a compliant device may validate the authenticity of Keying Material in a Validated 
Medium without checking correspondence where Validation Data is written to the 
VA region of the medium, and Keying Material is written to the non-VA region of 
the medium. 

[0022] Where no correspondence is checked, a compliant device relies on 
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the properties of a VA region to establish that the Validation Data contained 
therein is correct, whether or not it corresponds to Keying Material 1 14 that may 
be written to the non-VA region of the medium. The Validation Data in the VA 
region may be used directly in protection schemes where the Validation Data 
comprises the Keying Material 114 itself (i.e., newer media relying on compliant 
devices); where the Validation Data comprises a copy of the Keying Material 114; 
or where a function exists for translating the Validation Data to the Keying 
Material 1 14, for example. At worst, if the Validation Data in the VA is incorrect, 
the resulting Keying Material 114 will form an incorrect cryptographic key, 
thereby preventing the content from being played in a compliant manner. 

[0023] A compliant device may alternatively validate the authenticity of 
Keying Material 1 14 in a Validated Medium by finding correspondence between 
the Keying Material 1 14 and the Validation Data where Validation Data is written 
to the VA region of the medium, and Keying Material 1 14 is written to the non-VA 
region of the medium. 

[0024] Where correspondence is checked and validated, a compliant 
device can be confident that there has been no tampering of the Keying Material 
1 14 in the non-VA region of the medium, since it corresponds properly to the 
Validation data in the VA. If the Keying Material 1 14 and the Validation Data do 
not correspond in the latter case, then the compliant device assumes that the 
medium has been tampered with, and the device will not validate Keying Material 
1 14 so as to prevent playback of the medium. 

[0025] The present invention includes various operations, which will be 
described below. The operations of the present invention may be performed by 
hardware components or may be embodied in machine-executable instructions, 
which may be used to cause a general-purpose or special-purpose processor or 
logic circuits programmed with the instructions to perform the operations. 
Alternatively, the operations may be performed by a combination of hardware 
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and software. 



[0026] The present invention may be provided as a computer program 
product which may include a machine-readable medium having stored thereon 
instructions which may be used to program a computer (or other electronic 
devices) to perform a process according to the present invention. The machine- 
readable medium may include, but is not limited to, floppy diskettes, optical disks, 
CD-ROMs (Compact Disc-Read Only Memories), and magneto-optical disks, 
ROMs (Read Only Memories), RAMs (Random Access Memories), EPROMs 
(Erasable Programmable Read Only Memories), EEPROMs (Electromagnetic 
Erasable Programmable Read Only Memories), magnetic or optical cards, flash 
memory, or other type of media / machine-readable medium suitable for storing 
electronic instructions. Moreover, the present invention may also be downloaded 
as a computer program product, wherein the program may be transferred from a 
remote computer (e.g., a server) to a requesting computer (e.g., a client) by way 
of data signals embodied in a carrier wave or other propagation medium via a 
communication link (e.g., a modem or network connection). Accordingly, herein, 
a carrier wave shall be regarded as comprising a machine-readable medium. 

Terms 

[0027] As used throughout this description, the following terms shall be 
accorded their respective meanings: 

VA (Validation Area) 

[0028] A VA is a portion of a medium that has physical properties that 
make it difficult to mimic using ordinary consumer recording equipment/media. A 
VA requires special manufacturing equipment to write, making its contents 
difficult to copy. Furthermore, since the VA is read using a physically different 
process from that used to read the other areas of a medium, a device can 
physically distinguish contents written to a VA from contents that may have been 
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written by an ordinary recorder on ordinary recordable media. One example of a 
VA is the Burst Cutting Area of a DVD-ROM. 

[0029] It should be understood by one of ordinary skill in the art that the 
term "VA" or "VA region" is to be construed as an area having the general 
properties described herein, and that the term "VA" or "VA region" shall not 
preclude other areas having the properties of a VA described herein from being 
construed as an equivalent of a VA. 

Validated Medium 

[0030] A Validated Medium is a medium on which the VA is used to 
validate Keying Material 114. A Validated Medium comprises Validation Data in 
the VA region of the medium. In embodiments of the invention, a medium is 
illegitimate, or unauthorized, if Keying Material 1 14 in a Validated Medium cannot 
be validated, as will be discussed further below. 

[0031] A non-Validated Medium is merely a medium that does not 
comprise Validation Data in the VA region, but does not imply that the medium is 
an illegitimate, or unauthorized medium. In embodiments of the invention, a non- 
Validated Medium is played by a compliant device (as well as a non-compliant 
device) so as to preserve compatibility between compliant devices and 
legitimate, older media. These embodiments encourage consumers to buy 
newer devices, which will still play older media, but which will also prevent 
illegitimate discs from being played. Of course, it is also contemplated that 
compliant devices may prevent non-Validated Media from being played. 

Keying Material 

[0032] Keying Material 1 14 comprises value(s) on which access to 
protected content depends. In content protected by CSS (to be discussed), 
Keying Material 1 14 may comprise Secure Disc Key Data; and in content 
protected by CPPM (to be discussed), Keying Material 114 may comprise an 
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Album Identifier. Typically, the value is used as a key, or is used to form a 
cryptographic key, for decrypting encrypted content 112. While the value may be 
unique for every medium, it is typically unique for some set of media. 

Validation 

[0033] Keying Material 1 14 is validated when it is used to decrypt encrypted 
content 1 12 (or form the cryptographic key needed to decrypt content), thereby 
allowing playback of the read-only content. 

[0034] Where correspondence is checked prior to validation, Keying Material 114 
from the non-VA region of the medium is used if correspondence is found. 

[0035] Where no correspondence is checked for validation, Keying Material 114 
used to decrypt the encrypted content is derived from Validation Data. Where 
the Validation Data comprises the Keying Material 114 (i.e., they are one and the 
same), or where the Validation Data is a copy of the Keying Material 1 14 in the 
non-VA region, the Keying Material 1 14 is derived from the Validation Data by 
using the Validation Data itself. 

[0036] In other cases, Keying Material 1 14 may be derived from the Validation 
Data by converting the Validation Data to the original Keying Material. For 
example, in some embodiments (such as in content protection schemes like 
CSS, to be discussed), Validation Data is a function of Keying Material 1 14, such 
that to use the original Keying Material 1 14 to decrypt the content, the same 
cryptographic function is used on the validation Data to form the original Keying 
Material 114. 

Dew'ce 

[0037] A device is any mechanism for playing back content on a read-only 
medium. For DVDs, such a mechanism comprises a DVD playback device, 
which may be a DVD player, or a DVD drive, for example. 
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Compliant Device 



[0038] A compliant device is a device that will play a Validated Medium. 
Introduction 

[0039] Generally, as shown in the flowchart of FIG. 2, which begins at 
block 200, a compliant device playing a Validated Medium validates the Keying 
Material 1 14 in one of two ways. The compliant device may validate the Keying 
Material 1 14 by using Validation Data in the VA, shown in block 202, where the 
Validation Data may comprise the Keying Material 1 14 in the VA region; a copy 
of the Keying Material 1 14 in the non-VA region; or a function of Keying Material 
114 that is written to the non-VA region (in which case the Validation Data is first 
subject to a function prior to being used to decrypt content, as discussed above). 
In the rare, or unlikely case that the Validation Data comprises some other value 
which will produce an incorrect cryptographic key, or does not comprise a value 
at all, a compliant device may still "validate" the Keying Material and use the 
value in the VA region, but an incorrect/invalid value in the VA region will prevent 
the content from being played. 

[0040] Alternatively, a compliant device may compare Keying Material 114 
written to a non-VA region of the medium to Validation Data written to a VA 
region of the medium, as shown in block 204. In block 206, it is determined if the 
Keying Material 114 and the Validation Data correspond. If they do not 
correspond, then the device does not validate the Keying Material 1 14 in block 
208, thereby preventing the Keying Material 1 14 from being used to decrypt the 
encrypted content 112, and thereby preventing playback of the content. If the 
Keying Material 1 14 and the Validation Data 402 correspond, then in block 210, 
the device validates the Keying Material 114, allowing it to be used for decrypting 
the encrypted data 112. The method ends at block 212. 

[0041] Given embodiments of this invention, the following outlines the 
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different scenarios that may exist for playing media: 

[0042] 1 . Validated Medium is played on a compliant device: compliant 
devices recognize the VA region of a medium, and will therefore look for 
Validation Data in the VA. Keying Material 1 14 may be automatically validated, 
as shown in block 202 of FIG. 2 in newer media that rely solely on compliant 
devices, or where a particular implementation trusts the VA properties of the 
medium. Other implementations may choose to find correspondence between 
the Validation in the VA and Keying Material 1 14 in the non-VA prior to validating 
the Keying Material 1 14, as shown in block 206 of FIG. 2. 

[0043] 2. Validated Medium is played on a non-compliant device: non- 
compliant (i.e. older) devices may not recognize the VA region of a medium, or 
may simply not be designed to look for Validation Data in the VA. Such devices 
will use the Keying Material 114 in the non-VA region of the medium to decrypt 
the content in accordance with previous methods for decrypting. 

[0044] 3. Non-Validated Medium is played on a compliant device: a 
compliant device will look for, but not find a BCA containing Validation Data. The 
device will, in this case, use the Keying Material 1 14 in the non-VA region to 
decrypt the content in accordance with previous methods for decrypting. (As 
discussed above, the device may alternatively prevent playback of the content on 
the medium.) 

[0045] 4. Non-Validated Medium is played on a non-compliant device: a 
non-compliant device will use the Keying Material 1 14 in the non-VA region to 
decrypt the content in accordance with previous methods for decrypting. 

[0046] In scenarios 2 and 4, a non-compliant device will not prevent the 
playback of unauthorized copies of media. In scenarios 2 and 3, prevention of 
unauthorized copies cannot be implemented with a Validated Medium or with a 
compliant device, but interoperability between new devices and old media 
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(scenario 3), as well as old devices and new media (scenario 2), is maintained. 
To preserve compatibility with old devices and old media, the method of FIG. 2 
can be modified as shown in FIG. 3, beginning at block 300. 

[0047] At block 302, a determination is made as to whether the medium 
being read is a Validated Medium (the determination to be discussed in further 
detail). If the medium is not a Validated Medium, then at block 314 the compliant 
device does not look for Validation Data, but instead simply uses the Keying 
Material 1 14 in the non-BCA region of the medium to decrypt the content in 
accordance with previous methods for decrypting. This determination preserves 
interoperability between compliant devices and non-BCA validated media, such 
that if the medium being read is not a Validated Medium, then the compliant 
device will not necessarily prevent the non-Validated Medium from being played. 

[0048] At blocks 306 and 308, the medium is determined to be a Validated 
Medium. The compliant device may validate the Keying Material 1 14 by using 
the Validation Data in the VA (in certain cases, as discussed above), as shown in 
block 306. Since the VA has the special properties that make its contents difficult 
to copy, the compliant device has a certain degree of confidence that the data in 
the VA has not been tampered with. 

[0049] The compliant device may alternatively validate the Keying Material 
1 14 by comparing the Keying Material 1 14 in the non-VA region of the medium to 
the Validation Data in the VA of the medium, shown in block 308. Continuing to 
store Keying Material 1 14 in the non-VA region of the medium can be a means of 
preserving interoperability between Validated Media and non-compliant devices 
such that if a Validated Medium is read by a non-compliant device, which expects 
to find the Keying Material 1 14 in the non-VA of a given medium, the non- 
compliant device will not error out. Thus, a non-compliant device will look for 
Keying Material 1 14 in the non-VA of the medium and use that value to decrypt 
the content. A non-compliant device, however, has no mechanism for validating 
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the authenticity of the Keying Material 114, even if the medium is a Validated 
Medium. 

[0050] A compliant device, on the other hand, can validate the authenticity 
of the Keying Material 1 14 written to a Validated Medium. At block 310, a 
determination is made as to whether the Keying Material 1 14 corresponds to the 
Validation Data. If there is no correspondence (correspondence to be 
discussed), then at block 304 the compliant device does not validate the Keying 
Material 1 14, thereby preventing playback of the content. At block 312, if there is 
correspondence, then the compliant device validates the Keying Material 1 14. 
The method ends at block 316. 

[0051] By embodiments of this invention, BCA validated media can 
prevent hackers from copying Keying Material 114 (and/or its associated 
Validation Data) that is stored on a DVD-ROM onto a DVD-R, for example, 
thereby making an unauthorized copy of the DVD-ROM on the DVD-R 
unplayable. On non-Validated Media, such as a non-Validated DVD, hackers 
can do this, for example, by: 

[0052] • Writing Keying Material 1 14 to the Data Area 1 02 of the DVD-R 
(specifically, the User Data Area of the DVD-R), but assigning it an address 
within the CDA 1 10 of the DVD-ROM such that a device cannot distinguish it 
from legitimate Keying Material 1 14 found on the original DVD-ROM. 

[0053] • Directly writing valid Keying Material 1 14 from the DVD-ROM 
onto the CDA 1 10 of a non-compliant DVD-R disc. 

[0054] As illustrated in FIG. 4, therefore, a Validated Medium 400 
comprises a Validation Area 406 (VA) region and a non-VA region 404, where 
the VA region comprises Validation Data 402, and the non-VA region 404 
comprises Encrypted Content 112. In some embodiments, the non-VA region 
404 may additionally comprise Keying Material 1 14. 



Docket No.: 42390P10453 14 
Express Mail Label: EL845313734US 



Exemplary Embodiments 



[0055] Examples of media comprising a Validation Area 406 include DVD- 
ROMs (DVD-Read Only Memories). Several exemplary embodiments are 
described herein with reference to DVD media. Specifically, concepts related to 
this invention are described in relation to the following exemplary embodiments: 

[0056] • DVD Content Protected By CPPM 

[0057] • DVD Content Protected By CSS 

[0058] • DVD Content Protected By CPPM/CSS 

[0059] While these particular embodiments are described, it should be 
understood by one of ordinary skill in the art that the invention is not intended to 
be limited to these particular embodiments, and that general concepts of the 
invention are applicable to various embodiments not discussed herein. 

[0060] The current state of these embodiments is discussed in this section 
("Exemplary Embodiments"). General concepts of the invention as they relate to 
these exemplary embodiments are described in subsequent sections. Where 
appropriate, or where helpful to understanding the invention, the general 
concepts of the invention are illustrated with reference to these exemplary 
embodiments. 

DVD Content Protected By CPPM 

[0061] The Content Protection For Prerecorded Media (CPPM) 
specification defines a robust and renewable method for protecting content 
distributed on prerecorded (read-only) media types. In one exemplary 
embodiment, a specification is defined for using CPPM technology to protect 
DVD-Audio content distributed on read-only DVD (DVD-ROM) discs. 

[0062] Generally, each CPPM compliant DVD-Audio playback device 
(such as a hardware DVD player, or a software player used in conjunction with a 
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computer equipped with a DVD drive) is given a set of 16 Device Keys denoted 
K d _o, Kdj, Kdjs,. These keys are provided by the 4C Entity, LLC, and are for 
use in processing the MKB (Media Key Block) to calculate the Media Key (K m ). 
Key sets may either be unique per device, or used commonly by multiple 
devices. 

[0063] Each side of a disc with CPPM protected DVD-Audio content 
contains: 

[0064] • Keying Material 114 called an Album Identifier (ID a ibum) 
prerecorded in the Lead-in Area 104 (specifically, the Non-User Data Area). 

[0065] • A Media Key Block (MKB) prerecorded as a specific file in the 
Data Area 102. 

[0066] 'Encrypted Content 112 prerecorded as specific files in the Data 
Area 102. 

[0067] For purposes of this invention, the Album Identifier is described in 
further detail below; however, since the MKB and Encrypted Content 1 12 
concepts are not pertinent to embodiments of this invention other than as 
described above, they are not discussed any further. For a detailed explanation 
of how an Album Identifier is used in conjunction with a Media Key Block to 
prevent unauthorized copying of content protected by CPPM, one can refer to the 
document entitled "CONTENT PROTECTION FOR PRERECORDED MEDIA 
SPECIFICATION, DVD BOOK" published by the 4C Entity, LLC, Revision 0.93, 
dated January 31, 2001. 

[0068] Each side of a disc with CPPM Protected DVD-Audio content 
contains a 64-bit Album Identifier (ID a ibum), which is placed in the Non-Data Area 
104 by the disc manufacturer. Specifically, the Album Identifier is placed in bytes 
80 through 87 of Control Data Area 110 Sector #2. The most significant 8 bits of 
the Album Identifier (stored in byte 80) are currently defined to have a value of 



Docket No.: 42390P1 0453 1 6 

Express Mail Label: EL845313734US 



zero. For forward compatibility, a non-zero value in these 8 bits is not considered 
an error. For the remaining 56 bits, the content provider individually assigns a 
secret, unpredictable (e.g., random) value to each DVD-audio album to be 
protected using CPPM. At the content provider's option, all pressings of a given 
album may contain the same ID a ibum value, or different values may be assigned 
for different pressings. 

[0069] The role of the Album Identifier is not that of individual media 
identification. Rather, it serves as an album-specific value that is integrated into 
CPPM cryptographic key management, and placed in a location that is not 
writeable on compliant DVD recordable-rewriteable media. In a PC (personal 
computer) system, the Album Identifier is accessed using the DVD drive 
authentication protocol. For consistency with other non-CPPM uses of that 
protocol, the confidentiality of the data in Control Data Area 110 Sector #2, 
including the Album Identifier value, should be maintained. 

DVD Content Protected By CSS 

[0070] Content Scramble System (CSS) is a data scrambling and 
authentication scheme intended to prevent copying DVD-Video files directly from 
the disc. 

[0071] The CSS scrambling algorithm exchanges keys with the drive unit 
to generate an encryption key that is then used to obfuscate the exchange of disc 
keys and title keys that are needed to descramble data from the disc. DVD 
players have CSS circuitry that decrypts the data before it's decoded and 
displayed. On the computer side, DVD decoder hardware and software must 
include a CSS decryption module. All DVD drives have extra firmware to 
exchange authentication and decryption keys with the CSS module in the 
computer. 

DVD Content Protected By CPPM/CSS 
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[0072] On combination discs that include both CPPM and CSS content, 
the CDA 110 contains not only the CPPM Album Identifier, but also the Secure 
Disc Key Data, which must be kept secret. 

Determining If A Medium Is A BCA Validated Medium 

[0073] As used herein, media which uses the Validation Area 406 to 
validate Keying Material 1 14 is referred to as Validated Media 400. There are 
various methods for determining if a medium is a Validated Medium 400. For 
example, in one embodiment of the invention, a medium is a prerecorded DVD 
with CPPM protected content. In DVD's, the VA region 406 of the media is 
referred to as the Burst Cutting Area (BCA), and where the DVD uses the CPPM 
protection scheme, Keying Material 1 14 comprises an Album Identifier. The 
Album Identifier is written to a non-BCA region, specifically the Control Data Area 
1 10 of the Lead-in Area 1 04. As mentioned previously, the Album Identifier is an 
8-byte (64-bit) value. Under the current state of the art, the most significant 8 bits 
are set to 0. 

[0074] To implement embodiments of the invention using DVD protected 
by CPPM, the most significant 8 bits are used to indicate that a medium is a 
Validated Medium 400 by setting any one or more of those bits to 1 . Thus, when 
a device determines whether a CPPM protected medium is a Validated Medium 
400, it examines the Album Identifier to determine if its most significant bit, for 
example, is set to 1 . If it is, then the device is triggered to look for Validation 
Data 402 in the Validation Area 406 (specifically, the BCA) of the medium 400. 
Otherwise, the medium is not a Validated Medium 400, and the device will simply 
use the Keying Material 1 14 in the non-VA region of the medium to decrypt the 
content in accordance with previous methods. 

[0075] In other embodiments, such as where Secure Disc Key Data is 
written to the non-VA region of a medium, other methods may be used to 
determine if the medium is a Validated Medium 400. Generally, some sort of 
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trigger is used, which would typically involve setting some data item that is 
currently reserved or unused to a value other than its currently defined value. In 
embodiments of the invention, the data item that is used as a trigger is integrated 
with the Keying Material 1 14, such that a compliant device can also determine 
whether the trigger value has been tampered with when validating the Keying 
Material 114. 

[0076] For example, in content protected by CPPM, since the 
cryptographic key for decrypting content is dependent on the Album Identifier, 
any attempt to tamper with the Album Identifier will prevent it from producing the 
correct cryptographic key, thereby preventing the content from being played. 
Thus, if a hacker tries to thwart the scheme by flipping the most significant bit 
from 1 to 0 (in reference to the example above), the hacker will also change the 
Album Identifier. Although a compliant device will bypass validation, it will still 
use the Album Identifier in an attempt to decrypt the content, but since the Album 
Identifier has been tampered with, it will not produce the correct key for 
decrypting the content. 

Keying Material 

[0078] Keying Material 1 14 is a value or set of values that is written to a 
medium 100, 400 containing protected content, and upon which access to the 
content depends. For example, on DVD-Audio media protected by CPPM 
(Content Protection For Prerecorded Media), Keying Material 114 comprises an 
Album Identifier, which is an 8-byte (64-bit) value that is assigned individually and 
randomly to each album to be protected, and which is used in forming the 
cryptographic key needed to decrypt content on the medium, discussed supra. 
On DVD-Video media protected by CSS (Content Scramble System), Keying 
Material 114 comprises Secure Disc Key Data. On Media using a combination 
CSS/CPPM protection scheme, both an Album Identifier and Secure Disc Key 
Data are present. 
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[0079] Keying Material 1 14 that is used to decrypt content (either by using 
it directly, or by forming a cryptographic function to decrypt the content) can be 
derived from the Validation Data that is in the VA region, or it can be used 
directly from the non-VA region, as explained in the section entitlted "Validation", 
supra. 

Validation Data 

[0080] Validation Data 402 is data that enables a playback device to verify 
that the Keying Material 1 14 read from the medium is authentic (i.e. is not an 
unauthorized copy written using widely available recording equipment and 
recordable media). 

[0081] The nature and location of the Validation Data 402 varies 
depending upon the type of protection enabled for a given Validated Medium 
400. In some cases, the Validation Data 402 may comprise the Keying Material 
1 14 itself, and in other cases, the Validation Data 402 may comprise a copy of 
the Keying Material 1 14, or a cryptographic function of the Keying Material 1 14. 
Examples follow for each of the exemplary embodiments discussed above. In 
embodiments of the invention described herein, Validation Data 402 is written to 
the VA region 406 of a medium. 

DVD Content Protected By CPPM 

[0082] On Validated Media protected by CPPM where the Keying Material 
1 14 comprises an Album Identifier, the Validation Data 402 comprises a copy of 
the Album Identifier. 

DVD Content Protected By CSS or CPPM/CSS 

[0083] On Validated Media where content is protected by CSS, and where 
content is protected by a combination scheme of CPPM/CSS, the Secure Disc 
Key Data are to be kept secret. Consequently, all values in CDA 110 sectors 
containing Secure Disc Key Data (possibly including sector #2 containing the 
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Album Identifier) must be secret, due to the way that the sectors are scrambled 
during transfer from drive to host, for instance. However, storing a copy of the 
Album Identifier in the VA region 406 would make the value of the Secure Disc 
Key Data obvious (where a combination CPPM/CSS scheme is used), since the 
standard drive interface permits the BCA region 406 to be read in the clear. 

[0084] Thus, in the case of content protected by CSS, where the Keying 
Material 1 14 comprises Secure Disc Key Data, the Validation Data 402 
comprises a function on the Secure Disc Key Data. Where content is protected 
by a combination scheme, and the Keying Material 1 14 comprises both the 
Album Identifier and Secure Disc Key Data, Validation Data 402 comprises a 
function on the Album Identifier, as well as a function on the Secure Disc Key 
Data. 

[0085] By using a one-way cryptographic function on a value to create the 
Validation Data 402, rather than using the given value itself, the value is 
prevented from being discovered by reading the VA region 406. At the same 
time, it permits devices to compare the Validation Data 402 in the BCA region 
406 to the Keying Material 1 14 in the CDA 1 10, as described below in the section 
entitled "Determining Correspondence". 

Other Content Protection Formats 

[0086] New content protection formats and schemes for reading media 
can be designed by simply placing Keying Material 1 14 in the VA region of the 
medium, such that the Validation Data 402 comprises the Keying Material 114. 
Since the VA region has special properties that make mimicking that region very 
difficult, compliant devices can have a high degree of confidence that the data in 
the VA region has not been tampered with. 

[0087] Alternately, new formats might be designed with Keying Material in 
the non-VA region of the medium, and Validation Data (possibly a copy of the 
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Keying Material itself) in the BCA. This approach would allow providers of 
content on the new format to choose whether or not to include the Validation 
Data in the BCA (i.e. a trade-off between increased protection against 
unauthorized copies, versus the added manufacturing cost of including the BCA). 

Determining Correspondence 

[0088] As shown in FIG. 5, correspondence relates to whether a device 
500 can validate Keying Material 1 14 by comparing the Keying Material 114 
written to the non-VA region of a medium to Validation Data 402 in the VA region 
of the medium. In embodiments of the invention, correspondence is determined 
where Keying Material 1 14 is placed in non-VA region 404 of the medium, rather 
than just placing it in the more secure VA region 406, and where the scheme for 
a given compliant device does not automatically validate Validation Data 402 
written to the VA region 406. 

[0089] Assuming a compliant device, and a BCA validated medium 400 in 
one embodiment described above, the device 500 retrieves 506 the Keying 
Material 1 14 from the non-VA region 404 (e.g. the Control Data Area 1 10 of the 
Lead-in Area 104 on a DVD), and also retrieves the Validation Data 402 from the 
VA region 406. 

[0090] A comparator 502 in the device 500 compares the Keying Material 
1 14 to the Validation Data 402. If the values correspond, then a validator 504 in 
the device 500 validates the authenticity of the Keying Material 1 14, allowing the 
Keying Material 1 14 to be used for decrypting the content 112. Although the 
comparator 502 and the validator 504 are shown as separate entities in the 
device 500, it should be understood by one of ordinary skill in the art that such a 
depiction is for illustrative purposes only, and that the functionality may be 
combined into a single entity, and may alternatively be an entity distinct from the 
device itself. 
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[0091] Correspondence between Keying Material 114 and Validation Data 
402 can be determined in a number of ways, depending upon the type of Keying 
Material 1 14 and Validation Data 402 used in a particular embodiment. 
Examples of making this determination in exemplary embodiments of the 
invention are described below. 

DVD Content Protected by CPPM 

[0092] For content protected by CPPM, correspondence exists between 
the Keying Material 1 14 and the Validation Data 402 if the Album Identifier in the 
non-VA region 404 (e.g., the Control Data Area 1 10 on a DVD) matches a copy 
of the Album Identifier in the BCA region 406. If the two values match, as 
determined by the comparator 502, then the device 500 validator 504 
authenticates the Album Identifier, which can then be used to decrypt the 
medium content 112. 

DVD Content Protected by CSS 

[0093] For content protected by CSS, correspondence exists between the 
Keying Material 1 14 and the Validation Data 402 if a function of the Secure Disc 
Key Data in the non-VA region 404 (e.g., the Control Data Area 1 10 on a DVD) 
matches Validation Data 402 (i.e., a function of the Secure Disc Key Data) in the 
VA. A one-way cryptographic function, for example, of one of the Secure Disc 
Key Data values from the CDA 1 10 is written to the VA region 406, such that 
when a device 500 reads the Secure Disc Key Data value from the non-VA 
region 404, it uses the same one-way cryptographic function on that value. 

[0094] The device 500 compares the calculated value as determined by 
the comparator 502, for example, and compares it to the Validation Data found in 
the VA region 406. If the values match, then the device 500 validator 504 
authenticates the Secure Disc Key Data values, which can then be used to 
decrypt the medium content 112. 
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DVD Content Protected by CPPM/CSS 



[0095] For content protected by a combination of CPPM/CSS, 
correspondence exists between the Keying Material 1 14 and the Validation Data 
402 if a function of the Album Identifier in the non-VA region 404 (e.g., the 
Control Data Area 1 10 on a DVD) matches Validation Data 402 (i.e., function of 
the Secure Disc Key Data and function of the Album Identifier) in the VA. A one- 
way cryptographic function of one of the Album Identifier from CDA 110 Sector 
#2, and a one-way cryptographic function of the Secure Disc Key Data are 
written to the BCA region 406, such that when a device reads the Album 
Identifier and the Secure Disc Key Data from the CDA, it uses the same one-way 
cryptographic function on those values. 

[0096] The device 500 calculates the function on the Album Identifier and 
on the Secure Disc Key Data from the non-BCA region 404 and compares the 
calculated values to the Validation Data found in the BCA region 406. If the 
values match, then the device 500 validator 504 authenticates the Album 
Identifier and Secure Disc Key Data, which can then be used to decrypt the 
medium content 112. 

Conclusion 

[0097] Thus, embodiments of the invention provide a robust means of 
validating Keying Material 1 14 to protect content, such as prerecorded CPPM or 
CSS content on DVD-ROM media, against unauthorized copying. The enhanced 
protection is enabled by new discs and new devices that use the invention. At 
the same time, full interoperability among new and old devices, and new and old 
media is maintained. 

[0098] In the foregoing specification, the invention has been described 
with reference to specific embodiments thereof. It will, however, be evident that 
various modifications and changes may be made thereto without departing from 
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the broader spirit and scope of the invention. The specification and drawings 
are, accordingly, to be regarded in an illustrative rather than a restrictive sense. 

[0099] For example, while several exemplary embodiments have been 
described, it should be understood by one of ordinary skill in the art that concepts 
of this invention can be applied to other types of content, content protection 
systems, and media formats. For example, while the exemplary embodiments 
described herein are specific to DVD media as they relate to some of their 
current forms of protection (i.e. CPPM, CSS), one of ordinary skill in the art would 
understand that the read-only media described herein comprises a VA region 
and a non-VA region, and may not necessarily comprise all regions found in a 
DVD media. 

[00100] Furthermore, while embodiments of the invention described herein 
refer to an area called the Validation Area, it should be understood that the 
Validation Area is an area having characteristics described herein, and that such 
an area is not limited to areas that are called, or that contain the term, Validation 
Area. As an example, DVD-ROMs comprise a Validation Area called a Burst 
Cutting Area. 

[00101] While a one-way cryptographic function is discussed herein, it is 
also contemplated that a two-way cryptographic function may be used. For 
example, where no correspondence is checked, and Validation Data comprises a 
function of Keying Material, a two-way cryptographic function may be used which 
would convert the Validation Data back to its original Keying Material. 
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